Exchange of digitally signed certificates is often used to establish mutual trust between strangers that wish to share resources or to conduct business transactions. Automated Trust Negotiation (ATN) is an approach to regulate the flow of sensitive information during such an exchange. Previous work on ATN are based on access control techniques, and cannot handle cyclic policy interdependency satisfactorily. We show that the problem can be modelled as a 2-party secure function evaluation (SFE) problem, and propose a scheme called oblivious signature-based envelope (OSBE) for efficiently solving the SFE problem. We develop a provably secure and efficient OSBE protocol for certificates signed using RSA signatures. We also build provably secure and efficient one-round OSBE for Rabin and BLS signatures from recent constructions for identity-based encryption. We also discuss other applications of OSBE.
To appear in ACM Symposium on Principles of Distributed Computing (PODC 2003), Boston, Massachusetts, July 2003.
Paper: (Paper in PDF)